Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1602 Views 2 Replies Latest reply: Jan 16, 2013 6:12 PM by btlyric RSS
Regis Champion 457 posts since
Oct 6, 2010
Currently Being Moderated

Jan 15, 2013 10:48 AM

Blocking Internet Java (January 2013 edition)

[moved to new thread   but ref: the older thread https://community.mcafee.com/message/270727#270727   ]

 

With the latest widely-exploited-and-baked-in-exploit-kits Java 0day [1] going around again (which is only half fixed [2] by the latest Java 7 patch)... and with Java 6 a few weeks away from being EOL'd while many many enterprise critical internal Java interfaces don't necessarily work with Java 7... curious how many folks are blocking Java now, and  how they're going about it.    

 

What legitimate sites are you seeing that are going on your whitelists given that no save version of Java exists right now?

 

In reviewing logs, I've found a lot of Java mime-types that don't appear to be on the pre-baked list in my MWG interface at mentioned by helpful posters in

https://community.mcafee.com/message/270727#270727     I am also trying to divine a method where I don't keep Eclipse and friends from getting their updates.  Eclipse uses a non-Mozilla user-agent so I think that will be part of the logic I implement.  The other thing I have to be careful of is the legit use of web meetings where Java often comes into play especially for limited users and not able to isntall ActiveX controls that some meeting solutions leverage.

 

[1] http://krebsonsecurity.com/tag/java-0day/  and http://blog.spiderlabs.com/2013/01/first-java-0day-for-the-year-2013.html

[2] http://immunityproducts.blogspot.com/2013/01/confirmed-java-only-fixed-one-of-tw o.html

 

Shared experiences welcome!    And no one be deluded into thinking AV signatures will save us from this one.  :-)

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points